<?php

    class UsersController extends Application {
        var $users;
        
        function setup()
        {
            $this->actions = array('index','add','edit','delete','get_user_permissions','profile');
            $this->use_layout('admin_layout.php');
            $this->before_filter('is_logged_in');
            $this->before_filter('has_access',array('except'=>array('profile')));
            use_model('users','roles','acl');
            $this->users = new Users();
        }
        
        function has_access()
        {
            if (!has_access_to('Admin::Modify Users')) {
                flash('error','Sorry but you do not have access to the Users tool');
                $this->redirect_to(array('controller'=>'admin/dashboard'));
            }
        }
        
		function index() 
		{				    
		    // model
		    $this->assign_ref('users',$this->users);
		    
		    // get all available users
		    $this->assign('all_users',$this->users->get_users_as_list());			    		    			        
		    
		    // adding a user
		    if ( isset($_POST['action']) && $_POST['action'] == 'add_user' )
		    {
		        $this->users->change_pass = true;
		        if ( $this->users->update_fields($_POST['users']) )
		        {
		            flash('notice','User Added');
		            $this->redirect_to(array('controller'=>'admin/users' ,'action'=>'index?id='.$this->users->get('id')));
		        }
		    }
		    
		    // editing a user
		    if ( isset($_POST['action']) && $_POST['action'] == 'edit_user' )
		    {		        
		        unset($_POST['users']['user_password']);
		        if ( $this->users->load( (int) $_POST['users']['id']) 
		            && $this->users->update_fields($_POST['users']) )
		        {
		            flash('notice','User Edited');
		            $this->redirect_to(array('controller'=>'admin/users' ,'action'=>'index?id='.$this->users->get('id')));
		        } else {
                    $id = $_POST['users']['id'];
		        }
		    }
		    
		    $user_id = isset($id) ? $id : (int) @$_GET['id'];
		    // get info for passed user if any
		    if ( !empty($user_id) )
		    {
		        // user details
		        $this->users->load($user_id);
		        
		        // don't show password
		        unset($this->users->fields['user_password']);
		        $this->assign('user',$this->users->fields);
		        
		        // roles
    	        $roles = new Roles();	    
    	        $this->assign('all_roles',$roles->get_roles_for_select());

    	        // acls
    	        $acl = new Acl();
    	        $this->assign('all_acls', $acl->get_all_acls());
		        
		        // user roles
		        $this->assign('user_roles',$roles->get_user_roles($user_id));
		        
		        // user permissions
		        $this->assign('user_acls',$acl->get_user_access($user_id));		        		        
		    }
		    
		}				
        function delete()
        {
            if ( isset($_POST['action']) 
                 && $_POST['action'] == 'delete' 
                 && !empty($_POST['id']) )
            {
                // admin check, cant delete him!
                $id    = (int) $_POST['id'];
                $this->users->load($id);
                if (!$this->users->delete() ) {
                    flash('error','Delete of user failed');
                } else {
                    flash('notice','User Deleted');
                }
            }
            $this->redirect_to('index');
        }
        
        function get_user_permissions()
        {
            if ( !empty($_POST['user_id']) )
            {
                $user_id = (int) $_POST['user_id'];
                $acl = new Acl();
    	        $this->assign('all_acls', $acl->get_all_acls());
                $this->assign('user_acls',$acl->get_user_access($user_id));	
                $this->render(array('partial'=>'_permissions.php'));
            }
        }
        
        function profile()
        {
            if ( $_POST 
                && $this->users->load( (int) $_POST['users']['id']))
            {                                  
                do
                {
                    if ( !empty($_POST['users']['user_password']) 
                         && !empty($_POST['users']['new_password'])) // user changing password
                    {                        
                        // check old password matching
                        if ( $this->users->get('user_password') != create_hash($_POST['users']['user_password']) )
                        {                            
                            $this->users->add_error('user_password','Old password incorrect') ;
                            flash('error','Old Password incorrect');
                            break;
                        } 
                        $_POST['users']['user_password'] = $_POST['users']['new_password'] ;
                        $this->users->change_pass = true;
                    } 
                    // person trying to change password, but is not inputing old password first
                    if ( empty($_POST['users']['user_password'])
                         && !empty($_POST['users']['new_password']) )
                    {
                        flash('error','You must enter in your old (current) password to change it.');
                        break;
                    }
                    if ( $this->users->update_fields($_POST['users']) )
                    {
                        flash('notice','Changes Saved'); 
                    }  
                    session_regenerate_id();                  
                } while ( 0 );                                            
            }
            $this->users->load( $_SESSION['user_id'] );
            unset($this->users->fields['user_password']);
            $this->assign_ref('users',$this->users);
        }
        
    }

?>